Public key authentication for debug session #9053
Comments
|
Thanks for contributing to this issue. As it has been 90 days since the last activity, we are automatically closing the issue. This is often because the request was already solved in some way and it just wasn't updated or it's no longer applicable. If that's not the case, please do feel free to either reopen this issue or open a new one. We'll gladly take a look again! You can read more here: https://blog.travis-ci.com/2018-03-09-closing-old-issues |
|
actually we could just use a random generated password, that way user doesn't have to configure public key I've described that here: https://travis-ci.community/t/enable-debug-mode-everywhere/6154 |
|
CircleCI uses the SSH keys from your GH account. See https://circleci.com/docs/2.0/ssh-access-jobs/ I would prefer this approach because for most people it would "just work" with no config options required. I think this a huge QoL improvement. |
https://docs.travis-ci.com/user/running-build-in-debug-mode/ warns that there's no authentication for debug SSH access which is a security hazard.
This is easily fixable by allowing a user to specify SSH public key(s) to authenticate with.
The key can be specified in web UI either in a custom entry, or, to reuse existing facilities and UI, as some specific environment variable. Then all it takes is to append it to
~/.ssh/authorized_keysin a startup script.The text was updated successfully, but these errors were encountered: